HashiCorp Vaults allows shifting the way you work with secrets from static to a dynamic paradigm. The lifecycle of the secret in those two paradigms is different which brings some new challenges:
* How do you authenticate apps in Vault?
* How do you get an initial token?
* How to read secrets from Vault?
* How to keep token and secrets renewed?
* How and when revoke token and secrets?
That seems to be very different from typical 12-factor apps setup when am app would simply read configuration and secrets from environment variables, isn't it? Should you do a library to encapsulate this logic? Or is there an SDK available? There is a way to address all questions above with very little or no code changes at all!
I'm going to demo it and then go into nitty-gritty details of implementation so you can repeat the same steps at home/work.
17:30 - 17:45 Meet & Greet
17:45 - 18:30 Andrey Devyatkin - Integrating HashiCorp Vault and k8s apps
18:30 - 18:50 Meet & Eat
18:50 - 19:30 QA
Andrey Devyatkin is a long time Continuous Delivery enthusiast and public speaker passionate about software development processes automation. During the years, Andrey has worked as a software developer, build and release engineer, SRE, Systems engineer and architect for Continuous Integration/Delivery infrastructure. Currently, Andrey is providing consulting services worldwide and building a company for likeminded location independent automation professionals.